<?
function NewsForm($id)
{

$title = '';
$keywords = '';
$description = '';
$h1 = '';
$alt = '';
$body = '';

$gs = &getService('GlobalSettings');

if($id!=''):
$link = mysql_connect($gs->get('db_host'), $gs->get('db_username'), $gs->get('db_password'));
mysql_select_db($gs->get('db_name'), $link) or die(mysql_error());

$query = "select * from news where id = " . $id;
$res = mysql_query($query) or die(mysql_error());

    while ($row=mysql_fetch_array($res))
     {
      $title = $row["caption"];
      $body = $row["text"];
     }

$query = "select * from headers where p_id = \"news_" . $id . "\"";
$res = mysql_query($query) or die(mysql_error());
    while ($row=mysql_fetch_array($res))
     {
      $keywords = $row["p_keywords"];
      $description = $row["p_description"];
      $h1 = $row["p_h1"];
      $alt = $row["logo_alt"];
     }

mysql_close($link);

endif;

$content = "<div class=\"header\"><h1>Edit News:</h1></div><br/>\r";
$content = $content . "<form action=\"admin.php?action=news_upload\" enctype=\"multipart/form-data\" method=\"post\">\r";
$content = $content . "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\r";
$content = $content . "<table class=\"newsform\">\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">Title</td>\r";
$content = $content . "<td><input type=\"text\" name=\"title\" value=\"" . $title . "\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">Keywords:</td>\r";
$content = $content . "<td><input type=\"text\" name=\"meta_keywords\" value=\"" . $keywords . "\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">Description</td>\r";
$content = $content . "<td><input type=\"text\" name=\"meta_description\" value=\"" . $description . "\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">H1</td>\r";
$content = $content . "<td><input type=\"text\" name=\"h1\" value=\"" . $h1 . "\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\"><b>Text</b></td>\r";
$content = $content . "<td><textarea name=\"description\" rows=\"16\">" . $body . "</textarea></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\"><b>IMG</b></td>\r";
$content = $content . "<td><input type=\"file\" name=\"browse\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">IMG ALT</td>\r";
$content = $content . "<td><input type=\"text\" name=\"alt\" value=\"" . $alt . "\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "<tr>\r";
$content = $content . "<td class=\"news\">Referer</td>\r";
$content = $content . "<td><input type=\"text\" name=\"referer\" value=\"" . $alt . "\" size=\"255\"></td>\r";
$content = $content . "</tr>\r";
$content = $content . "</table>\r";
$content = $content . "<br/><div class=\"mnu\"><input type=\"submit\" name=\"add\" value=\"Submit\">&nbsp;&nbsp;&nbsp;&nbsp;<a href=\"news.php\">>Go Back</a></div>\r";
$content = $content . "</form>\r";

return $content;
}

function ListNews()
{

$gs = &getService('GlobalSettings');

$content = "<div class=\"header\"><h1>Current News:</h1></div><br/>\r";
$content = $content . "<table cellpadding=\"0\" cellspacing=\"0\" class=\"newstable\">\r";
$content = $content . "<tr class=\"header\">\r";
$content = $content . "<td width=\"42\">id</td>\r";
$content = $content . "<td>Header</td>\r";
$content = $content . "<td width=\"98\">Date</td>\r";
$content = $content . "<td width=\"112\">Actions</td>\r";
$content = $content . "</tr>\r";

$link = mysql_connect($gs->get('db_host'), $gs->get('db_username'), $gs->get('db_password'));
mysql_select_db($gs->get('db_name'), $link) or die(mysql_error());

$query = "select id, caption, date from news order by date DESC";
$res = mysql_query($query) or die(mysql_error());
$tmp = 1;

 while ($row=mysql_fetch_array($res))
  {
  $caption = $row["caption"];
  if(strlen($caption)>80):
   $caption = substr($caption, 0, 77) . "...";
  endif;

  if($tmp==1):
   $content = $content . "<tr class=\"odd\">\r";
   $tmp++;
  else:
   $content = $content . "<tr>\r";
   $tmp = 1;
  endif;
   $content = $content . "<td><b>" . $row["id"] . "</b></td>\r";
   $content = $content . "<td><div align=\"left\">&nbsp;" . $caption . "</div></td>\r";
   $content = $content . "<td>" . $row["date"] . "</td>\r";
   $content = $content . "<td><a href=\"news.php?action=edit&id=" . $row["id"] . "\">Edit</a>&nbsp;";
   $content = $content . "<a href=\"http:news.php?action=delete&id=" . $row["id"] . "\">Delete</a></td>\r";
   $content = $content . "</tr>\r";
  }

mysql_close($link);

$content = $content . "</table>\r";
$content = $content . "<br/><div class=\"mnu\"><a href=\"news.php?action=new\">Add News</a></div>\r";

return $content;
}

 function DeleteNews($id){
  $gs = &getService('GlobalSettings');
  $link = mysql_connect($gs->get('db_host'), $gs->get('db_username'), $gs->get('db_password'));
   mysql_select_db($gs->get('db_name'), $link) or die(mysql_error());

   $query = "delete from news where id = " . $id; 
   mysql_query($query) or die(mysql_error());
 
   mysql_close($link);
   
   return ListNews();
}	



include_once '../global-includes.php';

echo "<html>\r\n<head>\r\n<title></title>\r\n<link href=\"admin.css\" type=\"text/css\" rel=\"stylesheet\" />\r\n</head>\r\n<body>\r\n<center>";

switch($_REQUEST["action"]){
 case '': $content = ListNews();
         break;
 case 'edit': $content = NewsForm($_REQUEST["id"]);
         break;
 case 'new': $content = NewsForm($_REQUEST["id"]);
         break;
 case 'delete': $content = DeleteNews($_REQUEST["id"]);
         break;
 }

print $content;

echo "</center>\r\n</body>\r\n</html>"; 

?>